Security reporter tells Ars about hacked 911 call that sent SWAT team to his house (Updated)

Brian Krebs may be first journalist to suffer vicious hack known as swatting.

Update: Krebs has now written about his experience in some detail. The same people responsible for the DDoS attack carried out yesterday on Krebs' site launched a similar attack on Ars Technica this morning.

Now, Krebs has achieved a decidedly more grim distinction. On Thursday, he became one of the first journalists to be on the receiving end of a vicious hoax that prompted a raid on his Northern Virginia home by a swarm of heavily armed police officers. The tactic, known as "swatting," has long been a favorite of depraved hackers. They use computers or special phone equipment to make emergency calls that appear to come from their target's phone number. When a 911 operator answers, they report a life-threatening, sometimes horrific crime in progress. Police, often armed with assault rifles, descend on the target's home, sometimes breaking down doors in the mistaken belief that their lives are on the line by gun-toting criminals carrying out home invasion robberies or drugged-out maniacs committing multiple homicides.

It was around 5pm. Krebs, 40, had just finished preparing his home for a small dinner party he had planned for later that evening. While vacuuming his home, his phone rang a few times, but he decided not to answer since he didn't want to get held up. When he finished, he realized there was still some tape at the entrance of his house where Christmas lights had been. He thought it made sense to remove it before his guests arrived.

"As soon as I open the front door, I hear this guy yelling at me, behind a squad car, pointing a pistol at me saying: 'Don't move. Put your hands up,'" Krebs, who is a long-time friend and colleague, told me. "The first thing I said was: 'You've got to be kidding me.'"

In all, there were at least a dozen officers with pistols, shotguns, and assault rifles pointed at him. They had police dogs circling his house and cruisers had sealed off a nearby street. Krebs, who was dressed in just gym shorts and a T-shirt, complied. Wisely.

"Two different guys were barking orders at me," he continued. "I finally said: 'Which way should I go?'" One officer told Krebs to lie on the ground, but before he could comply the other cop ordered Krebs to walk backwards. Eventually, "they put the cuffs on me and took me up the street. I was freezing the whole time."

Krebs said an officer of the department told him that police received a 911 call that appeared to come from Krebs' phone. The caller posed as Krebs and said he was hiding in a closet after Russian thieves had broken into his home and shot his wife. They were now stealing jewelry, the caller reported. Fairfax County Police officials didn't respond to calls seeking comment for this article.

Some bad people don’t like him

As a savvy reporter who has chronicled hacking crimes for more than a decade, Krebs has long been on the receiving end of attacks. His site, KrebsonSecurity, is regularly knocked offline by DDoS attacks—presumably by people who are unhappy that the articles he publishes threaten their illicit livelihoods or tarnish their reputations. Indeed, the most recent attack happened only a few hours before the swarm of officers raided his house.

About six months ago, after receiving a round of new threats, he grew so concerned about the prospect of being swatted that he filed a report with the Fairfax County Police Department.

"The guy didn't even know what swatting was," Krebs said of the officer who came to his home to take the report. "I was kind of surprised."

During Thursday's confrontation, Krebs recalled making the report. But wisely, he largely kept his disbelief and dismay to himself.

"I knew immediately from the minute I saw the policemen behind the car what had happened," he said. "You don't argue with someone who's pointing a gun. You don't argue when the police show up with overwhelming force. You just do what you're told and explain it later."

After about five minutes in custody, Krebs explained that he was the victim of a monstrous crime known as swatting. One of the officers asked if Krebs was the person who had filed a report a few months earlier. When Krebs replied yes, the officers did a quick search of his home. With preparations for a dinner party clearly on display, it quickly became apparent that Krebs' home was not a crime scene and that the call was part of a fiendish plot. An officer told him later that they had tried calling him before he opened his front door but no one had answered the phone.

Krebs's website has received so many attacks over the past few years that he contracts with anti-DDoS provider Prolexic. Earlier in the day, the company sent him an e-mail purporting to come from an FBI agent. It requested that the company stop hosting his site because an article he published on Wednesday about a website selling illicitly obtained credit reports "contains illegal linking and pictures of Ssndob.ru." The letter turned out to be a fake. Later in the day, KrebsonSecurity came under yet another DDoS attack. While the journalist has no hard proof, he said he suspects all three attacks, and the tie to Ssndob.ru, are all connected.

As someone who has covered law enforcement and the dark side of the Internet for years, Krebs has long known the dangers of swatting. But he said the experience gave him a new appreciation for the tremendous risk it poses to both the target and the police officers who become unwitting accomplices in the potentially violent crime.

"There's a tendency for people to think this is a fun game," he explained. "It's a pretty dangerous thing to do. You're putting a lot of people's lives at risk. If somebody kicks in your door, I could imagine situations where people who are armed and in their home fire back at an intruder who claims to be the police. And what a mess that would be."

Krebs believes that one possible reason the scourge of swatting continues to this day is the patchwork of law enforcement agencies that respond to these crimes. Often local police are left to investigate, even when the perpetrators may be half a world away. He wants that to change. "Your local police department, the ones that are responding to these distress calls, they don't have the bandwidth," he said. "This is an area where federal law enforcement needs to be coordinating investigations. I'd like to see some sort of recognition or statement from federal law enforcement that this is something they're actively investigating."

An officer told him later that they had tried calling him before he opened his front door but no one had answered the phone.

On the bright side, that is more than I've heard swat teams do in the past. Forwarding this article to a local SWAT training officer I know. I suggest everyone in this thread who knows a police officer do the same.

152 Reader Comments

It should be noted, that they were able to spoof the phone network effectively enough that it fooled the 911 dispatch system.

The same system that can backtrack calls when dealing with hoaxes, that can lock and hold lines openThe same system that can be used as rough gps triangulation (cell tower cross traffic)the same system that can route across fire, police and paramedics - wide accesses.The same system thats supposed to pull up location information, down to building level detail so taht the dispatcher can do their job properly (guide emergency services in)The same systems that trust VOIP systems to have the correct locational information attached, and can see if a host IP is CONUS or non CONUS.

Yeah, they were able to fool that system effectively enough that Swat were unleashed

Had he not phoned them months prior, they`d not have even tried to call him before booting the door in, ti could have been much MUCH worse.

Never mind the chinese hackers, thats some seriously spooky ghost in the shell stuff.

Using such language really hurts the credibility of the whole article.

I respectfully disagree. Not only is it an extremely dangerous plot (what if he'd answered the door holding a kitchen knife? are we to discount the possibility that he could have been accidentally shot?) but it also distracts the police force/SWAT team from their normal duties (what if there had been an actual crime in progress that required that SWAT team?).

The same system that can backtrack calls when dealing with hoaxes, that can lock and hold lines openThe same system that can be used as rough gps triangulation (cell tower cross traffic)the same system that can route across fire, police and paramedics - wide accesses.The same system thats supposed to pull up location information, down to building level detail so taht the dispatcher can do their job properly (guide emergency services in)The same systems that trust VOIP systems to have the correct locational information attached, and can see if a host IP is CONUS or non CONUS.

The cops may be dangerous wherever you're from, but here (in a city of ~100,000) I've had a few run ins with the cops, and I was even considered "dangerous" in those runs ins, but I've never been close to getting shot.

This is exactly why law enforcement needs to go out of their way not to escalate a situation. If the first response every time is to go in with overwhelming force we are in a sad state. I give kudos to the officers in the story for not breaching and tossing flash bangs. Also glad to hear they tried calling back the residence too. These guys seem like that had a lot more common sense than many of the officers that I read about in similar situations. I'm sure the prior police report helped a little.

Using such language really hurts the credibility of the whole article.

I respectfully disagree. Not only is it an extremely dangerous plot (what if he'd answered the door holding a kitchen knife? are we to discount the possibility that he could have been accidentally shot?) but it also distracts the police force/SWAT team from their normal duties (what if there had been an actual crime in progress that required that SWAT team?).

That is not the point. I didn't imply that the actions were not a crime or forgivable on any level. But a good journalist shouldn't use subjective adjectives to describe on objective fact. Wether an action is "fiendish" is always a matter of personal oppinion and the author shouldn't slip his own into the article in such a way.

Now you have me curious -- how would you describe this? Surely you agree this is more than just a playful prank. Would we only describe this as vicious or monstrous if Krebs had suffered some kind of physical harm or emotional trauma? (he seems to have taken the whole ordeal quite well, but that's beside the point)

This is exactly why law enforcement needs to go out of their way not to escalate a situation. If the first response every time is to go in with overwhelming force we are in a sad state. I give kudos to the officers in the story for not breaching and tossing flash bangs. Also glad to hear they tried calling back the residence too. These guys seem like that had a lot more common sense than many of the officers that I read about in similar situations. I'm sure the prior police report helped a little.

Yeah, the 100+ cop rounds fired at a two old ladies delivering newspapers in LA a few weeks ago comes to mind.

Using such language really hurts the credibility of the whole article.

I respectfully disagree. Not only is it an extremely dangerous plot (what if he'd answered the door holding a kitchen knife? are we to discount the possibility that he could have been accidentally shot?) but it also distracts the police force/SWAT team from their normal duties (what if there had been an actual crime in progress that required that SWAT team?).

That is not the point. I didn't imply that the actions were not a crime or forgivable on any level. But a good journalist shouldn't use subjective adjectives to describe on objective fact. Wether an action is "fiendish" is always a matter of personal oppinion and the author shouldn't slip his own into the article in such a way.

Some of the best journalism has a point of view. Coverage of the 1950s civil rights movement certainly had one. So did the Pentagon Papers. For too long, people have viewed SWATting as a prank. It's not. It's something much more vicious than that, and it's time news articles made this clear.

I'm deaf and this would be an even more serious risk to my life. I live in the UK so SWATings are less common here but we have more and more heavily armed police shooting up taxicabs and brazilian electricians and telling completely obvious lies later to cover up.

Using such language really hurts the credibility of the whole article.

I respectfully disagree. Not only is it an extremely dangerous plot (what if he'd answered the door holding a kitchen knife? are we to discount the possibility that he could have been accidentally shot?) but it also distracts the police force/SWAT team from their normal duties (what if there had been an actual crime in progress that required that SWAT team?).

That is not the point. I didn't imply that the actions were not a crime or forgivable on any level. But a good journalist shouldn't use subjective adjectives to describe on objective fact. Wether an action is "fiendish" is always a matter of personal oppinion and the author shouldn't slip his own into the article in such a way.

Alternatively you could look at the adjectives as synonyms for "malicious" which is not, in this case at least, subjective.

However I have to disagree with your core statement. The only people who might disagree that this was not "fiendish" are likely to be the ones who perpetrated it, and even then, they'd be likely to agree, albeit with pride.

Some of the best journalism has a point of view. Coverage of the 1950s civil rights movement certainly had one. So did the Pentagon Papers. For too long, people have viewed SWATting as a prank. It's not. It's something much more vicious than that, and it's time news articles made this clear.

If you want to make it known report the facts. Add arguements and conclusions. Possibly provide your personal oppinion on the matter.Don't spice up the facts by adding subjective/emotional words to the text which try to manipulate the readers impression. That's what tabloids do, but no serious journalists (imho).

Quite honestly I am fairly surprised that neither you or most of the other readers see the "problem" here. Now, I do not live in the US and maybe journalistic standards in my country are a bit different but given that I read Ars since several years and that was the first article were I noticed such misuse I somewhat doubt it.

"Swatting" should be viewed as what it really is, attempted murder by cop, and should be investigated accordingly.And I find it ironic that this reporter considers himself the first one this has happened to, as it has been linked to already, bloggers have had to deal with this for years, now."Swatting" wouldn't be that big of a deal if so many police departments didn't have a swat team to do the swatting with.Now that reporters have been on the receiving end of such tactics, maybe they will start writing stories on the proliferation of such teams, and their heavy use at the slightest pretext.Swat teams should be for extreme situations, not routine executions of warrants.

Using such language really hurts the credibility of the whole article.

I respectfully disagree. Not only is it an extremely dangerous plot (what if he'd answered the door holding a kitchen knife? are we to discount the possibility that he could have been accidentally shot?) but it also distracts the police force/SWAT team from their normal duties (what if there had been an actual crime in progress that required that SWAT team?).

That is not the point. I didn't imply that the actions were not a crime or forgivable on any level. But a good journalist shouldn't use subjective adjectives to describe on objective fact. Wether an action is "fiendish" is always a matter of personal oppinion and the author shouldn't slip his own into the article in such a way.

Some of the best journalism has a point of view. Coverage of the 1950s civil rights movement certainly had one. So did the Pentagon Papers. For too long, people have viewed SWATting as a prank. It's not. It's something much more vicious than that, and it's time news articles made this clear.

Agreed. I think there's a tolerance to SWATting among people the tech community, who seem to focus more on the technical particulars of the practice and less on the actual results/possible outcomes. The bottom line is, when you pull a SWATting stunt on someone, you're putting that person in an extremely dangerous position where they could be shot and harmed/killed. That is not a subjective take. That is a fact.

"Swatting" should be viewed as what it really is, attempted murder by cop, and should be investigated accordingly.And I find it ironic that this reporter considers himself the first one this has happened to, as it has been linked to already, bloggers have had to deal with this for years, now."Swatting" wouldn't be that big of a deal if so many police departments didn't have a swat team to do the swatting with.Now that reporters have been on the receiving end of such tactics, maybe they will start writing stories on the proliferation of such teams, and their heavy use at the slightest pretext.Swat teams should be for extreme situations, not routine executions of warrants.

SWATing also wouldn't be a big deal if cops, SWAT or no, weren't so famously and irresponsibly trigger-happy in the US.

Good article, but he's hardly the first reporter to be SWATted. There was a post on RedState (http://www.redstate.com/2012/05/29/one- ... -swatting/) about left wing activist (and suspected SWATter) Brett Kimberlin, that lead to the author be SWATted. The author references an account from LA County Prosecutor Patrick Frey who was also attacked for writing about Kimberlin. It really appears to be a serious problem.

Wow, I just listened to Krebs on Steve Gibson's podcast the other week talking about his activities, and I was thinking if there wasn't a lot of retaliation against him, being public and all (his underground IDs aren't, but his public ID is pretty well known with the right (wrong) circles). I figured he gets DoS'ed a lot, and the like, but this is seriously f'ed up.

An officer told him later that they had tried calling him before he opened his front door but no one had answered the phone.

On the bright side, that is more than I've heard swat teams do in the past. Forwarding this article to a local SWAT training officer I know. I suggest everyone in this thread who knows a police officer do the same.

Good article, but he's hardly the first reporter to be SWATted. There was a post on RedState (http://www.redstate.com/2012/05/29/one- ... -swatting/) about left wing activist (and suspected SWATter) Brett Kimberlin, that lead to the author be SWATted. The author references an account from LA County Prosecutor Patrick Frey who was also attacked for writing about Kimberlin. It really appears to be a serious problem.

Let's see it for what it is, far more than the prank calls to the tobacco shop two generations ago, or to Dominos a generation ago, swatting is targeted domestic terrorism with potentially deadly consequences either way (over-/under-reaction by LEO.)

Hang a few swatters and the problem will decrease by an order of magnitude.

SWAT teams are necessary because the average American is likely to be armed, homes are defensible and criminals arent known for their restraint. In an ideal world, that level of force wouldnt be needed, but in an ideal world, bank robbers wouldnt tote AK47s and body armor. SWAT is just a tool for dealing with a problem.

Unfortunately, that tool is a hammer and an awful lot of problems look like nails.

The UK police arent commonly armed, theyre actually something like 42 seperate police forces with their own foibles and slight differences - kind of akin to the differences between police and state police. They have specially trained armed response units, who have fire-arms with the happy fun switch still intact.

Each and every officer licensed to carry a firearm (on the mainland) goes through strict training and continual assessments - accidents do occur, so theyre not perfect, but theyre a lot less trigger happy than american cops (100 rounds into the back of a truck without hitting either occupant, cmon!). The PSNI (n,.ireland) are still mostly armed, due to the ongoing threat from dissidents and terrorists, sometiems to their peril (some have been dragged from their cars and murdered with their own guns). Most of the population over 20 remembers soldiers on the streets and armed checkpoints at every other corner, and not just handgun armed, Armalite SLRS, mp5s.

SWAT teams are necessary because the average American is likely to be armed, homes are defensible and criminals arent known for their restraint. In an ideal world, that level of force wouldnt be needed, but in an ideal world, bank robbers wouldnt tote AK47s and body armor. SWAT is just a tool for dealing with a problem.

Unfortunately, that tool is a hammer and an awful lot of problems look like nails.

The UK police arent commonly armed, theyre actually something like 42 seperate police forces with their own foibles and slight differences - kind of akin to the differences between police and state police. They have specially trained armed response units, who have fire-arms with the happy fun switch still intact.

Each and every officer licensed to carry a firearm (on the mainland) goes through strict training and continual assessments - accidents do occur, so theyre not perfect, but theyre a lot less trigger happy than american cops (100 rounds into the back of a truck without hitting either occupant, cmon!). The PSNI (n,.ireland) are still mostly armed, due to the ongoing threat from dissidents and terrorists, sometiems to their peril (some have been dragged from their cars and murdered with their own guns). Most of the population over 20 remembers soldiers on the streets and armed checkpoints at every other corner, and not just handgun armed, Armalite SLRS, mp5s.

Actually, one of the occupants of said truck was hit with two rounds in the back and is still recovering. Agreed on the non-adherence to training, which is to: identify a person as a suspect, determine if said suspect is a threat, order that threat to stand down, then shoot if if threatened with deadly force by said suspect. None of these things occured in the case of the newspaper ladies' vs. trigger-happy LAPD cops incident and hundreds, if not thousands, of similar incidents across the US.

I wonder if those LAPD cops who did the shooting will face criminal charges for misuse of force due to their obvious disregard for protocol regarding the use of force?

He was most likely detained, not in custody for a crime which are two different things, people get detained all the time.

Oh, he was definitely in custody. If a reasonable person would believe the he cannot walk away from the police freely, then he is in custody. That's from Miranda v Arizona, a landmark SCOTUS decision that stands today. The word "detained" has no legal meaning other than "in custody", so your statement doesn't make sense. Perhaps you meant that he was in custody but not arrested, a genuine legal difference.

These terms are used differently in different contexts. Your Miranda rights are triggered if you are the subject of "custodial interrogation"; in that context an interrogation is "custodial" if the person wouldn't feel free to leave.

But in *other* contexts, being taken into custody means arrested, and arrested (in my jurisdiction, and several other jurisdictions, but not all jurisdictions) means being held to answer for a crime. In this context, if you are being arrested you will be considered "in custody," but if you are just being held to sort things out, you are being detained.

(If you are being held for your own good because of mental health issues, you may be temporarily "detained," subject to an order for emergency "detention," or civilly "committed". (Temporary detention and emergency detention are for different time periods, one for a week and one for 72 hours, but I've forgotten which is is which).

Should those claiming to be our superiors really be so obtuse and gullible? I would have the bosses of this team in jail if there were any means whatsoever. You don't get to wield this kind of power over people, claim total impunity and yet display this kind of gross incompetence. To put it another way, what the hell do they think they're doing claiming authority over us if they're not actually any better at security than us?

Using such language really hurts the credibility of the whole article.

Given that it was (likely) a plot (and cruel to boot), definitely a crime (and a pretty monstrous thing to put a person through), and certainly a hoax (and a vicious one), I don't see it.

It has nothing to do with whether we may agree with Mr. Goodin (as I do) that the incident was all of these things. Journalism is supposed to be written from a neutral point of view. The words "fiendish", "monstrous", and "vicious" are not neutral at all. They are extremely evocative adjectives -- one might go so far as to say inflammatory -- and their use tinges the piece with an emotional tone that used to be entirely anathema to what is considered good journalism. Hope that helps.

1. Call police and inform them of a fabricated crime at John's house.2. Call John and either threaten or warn of impending attack (not by police).3. Watch SWAT no-knock into his house and shoot a man armed and ready for an attack.

"Your local police department, the ones that are responding to these distress calls, they don't have the bandwidth," he said.

But they have enough money for a full blown state of the art SWAT Team and more than likely brand new state of the art equipment and vehicles. "Oops, sorry, we just spent $5 million dollars on equipment and gear to keep you safe out in the field, we cannot afford another $100 per month on Boradband, too bad."

Longtime Ars reader. First post. Apologize for the TL;DR. The short version of the below is: SWATing is dangerous because our police are so dangerous and trigger-happy and almost never held to account for mistaken shootings.

In case of TL;DR, here's my short version: Contrary to media hype, your claim is just fundamentally not true.

We've got a country of 300 million people. FBI stats seem to show police shootings total somewhere in the few hundreds per year. A majority of those are justified. So if you look at actual data, you'd see that unjustified police shootings in the U.S. are (i) extremely rare but (ii) highly publicized.

As just one example, there was just a shooting in NYC that's being investigated right now. But what the media has repeatedly ignored in its coverage is that the rate of officers discharging their weapons for any reason in the NYPD is way down. Even if this turns out to be an unjustified shooting, it will simply be a blip in a statistical record that shows cops in NYC have never shot less at civilians.

Basically, your claim of "dangerous and trigger-happy" is simply not borne out by actual facts.

This is exactly why law enforcement needs to go out of their way not to escalate a situation. If the first response every time is to go in with overwhelming force we are in a sad state. I give kudos to the officers in the story for not breaching and tossing flash bangs. Also glad to hear they tried calling back the residence too. These guys seem like that had a lot more common sense than many of the officers that I read about in similar situations. I'm sure the prior police report helped a little.

Yeah, the 100+ cop rounds fired at a two old ladies delivering newspapers in LA a few weeks ago comes to mind.

The strange thing was the cops shot as the two women drove towards them, but due to some sort of gravity and space time inversion, the women were shot in the back.

"Police, often armed with assault rifles, descend on the target's home, sometimes breaking down doors in the mistaken belief that their lives are on the line ..."

specifically "mistaken belief"

There is no such thing when you believe, or have reason to believe, a threat exists. Its not mistaken, its a real belief until proven otherwise.

I know its difficult for the more liberal, and the inexperienced, and those who want to slam the police for anything at all, and those who want to examine every little word for its exact definition, to understand that but its a concept not a definition and its definitely not mistaken.